<?php
include('../db_connect.php');

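// Ban a Facebook user: validate the posted ID, confirm it exists in fb_users,
// then set banned=1 on that row. Echoes a one-line status message and returns.
//
// NOTE(review): no authentication, authorization or CSRF check is visible in
// this script. Unless db_connect.php enforces an administrator session, any
// client able to POST here can ban arbitrary users. Confirm and gate this.
$ban_user = true;

// Read the parameter defensively: a missing key or an array value
// (banID[]=...) must fail validation rather than raise notices.
$rawBanID = isset($_POST['banID']) ? $_POST['banID'] : '';

// Accept decimal digits only. is_numeric() also admits "1e5", "-3", "1.5" and
// whitespace-padded values, which are not valid IDs and would be placed
// unquoted into the UPDATE statement below.
if (!is_string($rawBanID) || preg_match('/\A[0-9]+\z/', $rawBanID) !== 1) {
    $ban_user = false;
    echo "Sorry, could not validate Facebook ID.";
    return;
}

// Keep the ID as a string: casting could overflow on large 64-bit IDs.
$facebookID = $rawBanID;

// Make sure this Facebook ID already exists.
// $facebookID is digits-only here, so interpolating it cannot change the
// shape of the statement.
// NOTE(review): prefer bound parameters if the $db wrapper supports them;
// its API is not visible from this file.
$sql = "select user_id from fb_users where user_id='$facebookID'";
$result2 = $db->Execute($sql);
if (!$result2) {
    // The lookup itself failed; do not dereference a non-object result.
    $ban_user = false;
    echo "Sorry, could not look up Facebook ID.";
    return;
}
if (empty($result2->fields['user_id'])) {
    $ban_user = false;
    echo "Sorry, this Facebook ID does not exist.";
    return;
}

// Validation passed: mark the user as banned.
if ($ban_user) {
    $sql = "update fb_users set banned=1 where user_id=$facebookID";
    // Only an explicit false is treated as failure, so "Success!" is never
    // reported for a failed update. Presumably Execute() returns false on
    // error; verify against the wrapper.
    if ($db->Execute($sql) === false) {
        echo "Sorry, could not ban Facebook user $facebookID.";
        return;
    }
    // Safe to echo: $facebookID contains digits only.
    echo "Success! Facebook user $facebookID has been banned.";
}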

?>
